43 matches found

Chainguard
added yesterday, 2 views

GHSA-4W9W-65JX-4742 vulnerabilities

Vulnerabilities for packages: chromium...

AI score 5.8
Exploits: 0

OSV
added 2026/03/10 3:45 p.m., 1 view

MINI-4742-3GXW-PGR5

Bulletin has no description...

CVSS 2.5, AI score 5.7, EPSS 0.00201
Exploits: 0

RedhatCVE
added 2025/05/22 1:18 a.m., 9 views

CVE-2010-4742

Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value...

CVSS 10, AI score 8.3, EPSS 0.5637
Exploits: 3, References: 1

Circl
added 2025/05/16 3:34 a.m., 22 views

CVE-2025-4742

creationtimestamp | type | source
---|---|---
2025-05-16 03:34:24+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16611
2025-05-16 05:07:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpbb3u672h2t...

CVSS 5.3, AI score 5.4, EPSS 0.00162
Exploits: 0, References: 2

Cvelist
added 2025/05/16 3:00 a.m., 17 views

CVE-2025-4742 XU-YIJIE grpo-flat grpo_vanilla.py main deserialization

A vulnerability classified as problematic has been found in XU-YIJIE grpo-flat up to 9024b43f091e2eb9bac65802b120c0b35f9ba856. Affected is the function main of the file grpo_vanilla.py. The manipulation leads to deserialization. Local access is required to approach this attack. Continuous delivery...

CVSS 5.3, EPSS 0.00162
Exploits: 0, References: 4

CVE
added 2025/05/16 3:00 a.m., 33 views

CVE-2025-4742

CVE-2025-4742 affects XU-YIJIE grpo-flat up to 9024b43f091e2eb9bac65802b120c0b35f9ba856. The vulnerable component is the function main in the file grpo_vanilla.py, where input manipulation leads to a deserialization issue. Local access is required to exploit. The product uses continuous delivery...

CVSS 5.3, AI score 5.4, EPSS 0.00162
Exploits: 0, References: 4

Vulnrichment
added 2024/06/20 2:08 a.m., 19 views

CVE-2024-4742 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.2.5 - Authenticated (Contributor+) SQL Injection

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the orderby shortcode attribute in all versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and la...

CVSS 6.5, AI score 7.1, EPSS 0.005
Exploits: 0, References: 2

CVE
added 2024/06/20 2:08 a.m., 70 views

CVE-2024-4742

CVE-2024-4742 affects the Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress up to version 1.2.5, with an SQL Injection vulnerability via the order_by shortcode attribute. Exploitation requires authenticated access at Contributor level or higher, enabli...

CVSS 8.8, AI score 9.3, EPSS 0.005
Exploits: 0, References: 3, Affected Software: 1

Circl
added 2024/03/16 11:16 a.m., 7 views

CVE-2019-4742

creationtimestamp | type | source
---|---|---
2024-03-16 11:16:06+00:00 | seen | https://t.me/ctinow/209485...

CVSS 6.1, AI score 6.8, EPSS 0.00897
Exploits: 0, References: 1

NVD
added 2023/09/14 7:16 p.m., 7 views

CVE-2018-4742

Rejected reason: This candidate is unused by its CNA...

AI score 6.6
Exploits: 0

NVD
added 2023/09/03 11:15 p.m., 14 views

CVE-2023-4742

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/user/export&uid=X. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVSS 8.8, AI score 7.3, EPSS 0.00702
Exploits: 1, References: 3

CVE
added 2023/09/03 10:31 p.m., 48 views

CVE-2023-4742

CVE-2023-4742 affects IBOS OA 4.5.5. The vulnerability arises from SQL injection in the endpoint handling ?r=dashboard/user/export&uid=X, triggered by unknown processing of the exported file. Exploitation has been disclosed publicly and can be done remotely. Multiple connected sources corroborate...

CVSS 8.8, AI score 7.3, EPSS 0.00702
Exploits: 1, References: 3, Affected Software: 1

vulnersOsv
added 2022/12/26 9:30 a.m., 6 views

@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +206 more potentially affected by CVE-2022-4742 via json-pointer (>=0.0.4 <=0.6.1)

json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =9.0.0, =2.0.0, =0.0.1, =0.1.0 and more Source cves: CVE-2022-4742 Source advisory: OSV:GHSA-6XRF-Q977-5VGC...

CVSS 9.8, AI score 6.7, EPSS 0.01005
Exploits: 0

CVE
added 2022/12/26 7:09 a.m., 130 views

CVE-2022-4742

CVE-2022-4742 affects json-pointer up to 0.6.1, specifically the index.js set function, enabling prototype pollution. The issue is exploitable remotely and is fixed by upgrading to 0.6.2 (patch 859c9984b6c407fc2d5a0a7e47c7274daa681941). Affected references consistently describe this as a critical...

CVSS 9.8, AI score 7.8, EPSS 0.01005
Exploits: 0, References: 4, Affected Software: 1

vulnersOsv
added 2021/08/31 3:48 p.m., 6 views

@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +206 more potentially affected by CVE-2020-7709 +2 more via json-pointer (>=0.0.4 <=0.6.1)

json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =9.0.0, =2.0.0, =0.0.1, =0.1.0 and more Source cves: CVE-2020-7709, CVE-2021-23820, CVE-2022-4742 Source advisory: SNYK:JS-JSONPOINTER-1577287...

CVSS 9.8, AI score 6.7, EPSS 0.01813
Exploits: 2

OpenVAS
added 2021/02/23 12:00 a.m., 24 views

Ubuntu: Security Advisory (USN-4742-1)

The remote host is missing an update for the...

CVSS 5.9, AI score 8.1, EPSS 0.35963
Exploits: 1, References: 2

Tenable Nessus
added 2020/08/07 12:00 a.m., 34 views

Debian DSA-4742-1 : firejail - security update

Tim Starling discovered two vulnerabilities in firejail, a sandbox program to restrict the running environment of untrusted applications. - CVE-2020-17367 It was reported that firejail does not respect the end-of-options separator '--', allowing an attacker with control over the command line...

CVSS 9.8, AI score 8, EPSS 0.04098
Exploits: 0, References: 7

OSV
added 2019/12/20 5:15 p.m., 3 views

CVE-2019-4742

IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks agains...

CVSS 6.1, AI score 6.6, EPSS 0.00897
Exploits: 0, References: 2

CVE
added 2019/12/20 4:25 p.m., 72 views

CVE-2019-4742

IBM Financial Transaction Manager for SWIFT Services 3.0 (3.0.0) is vulnerable to a remote clickjacking-type issue that could allow an attacker to hijack the victim’s click actions when the user visits a malicious page. The IBM bulletin for this CVE-2019-4742 entry confirms vulnerable web UI comp...

CVSS 6.1, AI score 6.6, EPSS 0.00897
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2018/03/16 2:04 p.m., 9 views

CVE-2017-4742

...

Exploits: 0